It's interesting to see that Google takes this so seriously they're backporting it to Android 6. I guess they probably have metrics on what Android versions are still in active use, but I'm a little surprised that Android 6.0 would still be used heavily enough to warrant the backport. Regardless, it's good to see this sort of industry cooperation from companies who would normally be at each other's throats.
Google made a deliberate decision long ago to detach library and feature support from the operating system due to manufacturer fragmentation. So most of their new stuff automatically works with old versions of Android.
Google Play System updates provide very few security patches and this only applies to devices with Android 10 and higher and most APEX modules are only updatable in later versions.
And the annoying thing is that on some phones (like Samsung phones recently, twice), the Play System updates get blocked for months on end. Worse, people who buy a new device are often stuck on ancient versions.
I recently tried an Android phone again for a few months, and the update/security situation is still a mess. E.g. Samsung does monthly updates on more premium phones. But a former flagship like the S22 would sometimes only get the update near the end of the month, even before the S24 is out. Having a phone with known CVEs for the better part of a month is… meh.
For some vendors, like Samsung, things are much better than a decade ago, but it’s still a far cry from Apple rolling out updates to all models simultaneously.
> Samsung does monthly updates on more premium phones. But a former flagship like the S22 would sometimes only get the update near the end of the month, even before the S24 is out.
This is complicated by their rolling updates per country; it can be a few weeks between the first CSC (3 letter identifier for country and carrier variant) to receive an update and it being rolled out to the final one.
I was towards the end of that update cycle, so the Android security patch level could become quite detached from the actual month.
>Having a phone with known CVEs for the better part of a month is… meh.
Out of curiosity, have you ever encountered any malware that exploits said CVEs? If a month delay would be so dangerous, Android users, even of new devices would be getting pwned left and right, let alone Android users of devices no longer getting patches.
Source: Android user of old phone who hasn't been hacked yet so I'm not sure where exactly the dangers are, as the attack surface is mostly the web browser and the apps, both of which are scanned and covered by up-to-date patches from Google Play Store/Services even on my ageing phone. So as long as you don't browse extremely dodgy websites, and don't download shady apps you should be good as nothing else can get to the Kernel CVEs on your unpatched phone.
Yeah, I'm sure some crafty malware dev can whip out a targeted virus that can exploit the chain of open CVEs on my particular phone through an MMS message or something, but I'm not sure targeting the 100 or so users left still using this old OnePlus model that's worth less than 20 Euros used (pointing to a user without much income), is a good use of their skills and time, when they could be frying much bigger fish with that know-how like going after Microsoft's Azure or something.
Nor am I being targeted by state actors who have these means. And if you are being targeted by state actors, they have access to zero-days that even Apple or Google haven't patched yet so you're not safe anyway no matter what phone you have.
> If a month delay would be so dangerous, Android users, even of new devices would be getting pwned left and right, let alone Android users of devices no longer getting patches...Android user of old phone who hasn't been hacked yet so I'm not sure where exactly the dangers are
What are the odds that you'd ever know if you were hacked? If you have root access on your device your odds of being able to see something amiss are probably somewhat better than if you don't, but even then I wouldn't count on it. How many people detected Predator/Pegasus? It isn't just state actors taking advantage of zero days. A zero day gets that malware on your system, but once it's infected how would you know? There have been reports that millions of Android phones are infected at the factory. (https://www.theregister.com/2023/05/11/bh_asia_mobile_phones...)
I don't know how you could possibly be confident that your device isn't infected with something. The devices are designed to keep you from having the ability to poke around too much at their internals and the radios make it difficult to monitor exactly what's being sent/received to the device.
>What are the odds that you'd ever know if you were hacked?
Would you know?
>I don't know how you could possibly be confident that your device isn't infected with something.
Easy, my bank account is still full.
How are you confident your phone isn't infected? Being up to date is no guarantee. Until you can poke around with root access to inspect everything it's still Schrodinger's cat in a black box you trust to not be dead inside.
Because how would malware ever make it into my phone? It doesn't just magic itself onto your device once it stops receiving updates. It needs an entry point off the attack surface. And what's my attack surface since all your examples don't apply to me?
I never download shady Apps from the likes of Huawei AppGallery lol or even off the Play Store and I don't use Android 5. All apps I use are WhatsApp and Google Chrome, and I also don't browse shady websites on my phone.
That assumes the malware is intended to take your money instead of your data, or even just your internet connection. Malware can be used to attack/infect other devices or even just click ads. What kind of harm could someone who had full access to your device, including access to your internet activity, texts, location, camera, and microphone do to you without telling you about it (blackmail)?
> Because how would malware ever make it into my phone?
Maybe it was installed at the factory. Maybe it came from literally any one of the many many vulnerabilities that made it possible to infect your device without any indication. Android phones have been compromised via text message, via Bluetooth, via QR code, and via apps.
It's great that you aren't doing anything obviously risky, but that isn't a requirement to get infected and the problem is you just can't know. You aren't the admin of the device. You don't have the authority to control what it does. You aren't allowed to see what it's doing. You can't see who it's communicating with or when.
I've also used phones which haven't received any updates for years without any obvious problems. Just maintaining basic digital hygiene like you do. In theory, one could use a zero-day in a web browser (like the recent libwebp vulnerability), then exploit one of the numerous CVEs in one of the system libraries or the kernel, and own the phone that way even without you doing anything worse than visiting a random website. For example, that's how one of the first methods of jailbreaking PlayStation 4 operated.
Your average Joe six-pack like myself probably shouldn't really worry about it though, it seems more likely to be used against really high value targets.
You might want to try out another web browser that has aggressive ad blocking (Firefox, Brave, or Vivaldi should do it) since ads are one of the major methods of spreading malware.
>You might want to try out another web browser that has aggressive ad blocking (Firefox, Brave, or Vivaldi should do it) since ads are one of the major methods of spreading malware.
Underrated advice. Too bad said Joe six-pack doesn't follow it because he thinks other browsers "have viruses"
Are you suggesting we've got a statistically valid sample of Android users here to suggest that drive-by RCE exploits that have been published and patched on modern Android devices are essentially just a fantasy and aren't actually concerns at all for unpatched devices? And that the people in this sample would always clearly know their device was compromised?
FWIW, while I don't think I personally had an Android device hacked, I do think I've had family members with devices potentially hacked. One family member running an older version of Android continued to have lots of accounts constantly getting stolen despite using a password manager and unique complicated passwords. Pretty much any time they'd be logged in to an app there would begin to be fraudulent orders or other mischief on that service. They never installed shady apps. Rotate the password on another device, no problems for a while. Log in on the phone again and within a day or two have the mischief start again. All that stopped after replacing the device.
Another family member started getting popover ads on their device despite not having any odd apps installed that would be the cause. Even after a "factory reset" the popover ads continued to plague the device, as if it was embedded in the ROM.
My bank app is sht. The 2FA is EMBEDDED in the app; in the beginning it was a separate app. It also needs Google Play Services. And I live in a third world country with little accountability. On top of all that, most people use very cheap Chinese phones which never get any update.
Still, bank accounts have never been depleted through hacking of phones.
To be fair, it's non-trivial to convert hacked bank credentials to actual cash, due to anti-fraud measures, KYC rules, and reversibility built into the finance system. A better indicator would be $1000 worth of BTC on an unencrypted wallet not being hacked.
True, given that the average Android phone probably needs 100s of CVEs patching, it's kinda weird that there's no obvious epidemic of phones being hacked.
If something is actively exploited they definitely don't wait until month's end. Also a Google update is not urgent if the vulnerability is not really exploitable on Samsung (they have some additional security) or a fix is already backported.
> Is this the reason that my old mid/low end android devices become unusable even though they no longer get updates?
More recent versions of apps (like WhatsApp, which requires to be updated regularly) are unnecessarily more demanding. Try disabling Play services, all Bloatware, all quasi-bloatware (calendar, contacts), all the way to the default keyboard. (pm disable-user --user 0)
Install FOSS replacements with no internet connectivity, e.g. from F-Droid and such (not affiliated).
It is easier to buy a new device, but I get attached to my pal ;)
Has Android gotten that bad? I last used it in 2018, and haven't exactly missed it since, but even back then I didn't think of Calendar or Contacts as quasi-bloatware.
Most of the memory in a phone is flash. All flash memory has limited write cycles and there's a speed/lifetime tradeoff, also. Flash devices normally actually have more memory than stated, writes go to empty pages that then replace the original, which is then wiped. Every cycle the cell grows slightly weaker until one day it's too weak.
In the best case when a page write fails the memory controller discards the page from the pool, when the pool becomes exactly equal to the official size the device goes into permanent read-only mode. (Which would brick any device it's built into. A PC you could pop in another drive, a phone you can't.) Many devices have failure modes worse than this.
The better the quality of the memory the more margin it has, and how much you write to a drive has little to do with how big it is--from a practical standpoint life expectancy is roughly linear with size.
>from a practical standpoint life expectancy is roughly linear with size.
For the flash itself (the giant mass of NAND or NOR gates making up the cells), in terms of TBW it's straight up linear with size. 2 TB flash storage has twice as many cells as a 1 TB (of the same make) therefore can eat twice as many write cycles (unless the manufacturer does something on the sly like change overprovision ratio based on capacity, change from TLC to QLC on higher capacity units and "forget" to mention it, etc., but those are factors beyond the basic logic gate arrays).
However I don't think size affects MTBF as that looks at factors unrelated to write cycles; things like catastrophic failure of a chip or a short that catches fire and burns down the server farm.
Realistically speaking, MTBF has little bearing when considering flash storage lifetime. TBW is where it's at. If the specs only give MTBF, I tend to assume the TBW is bad enough it's worth hiding and I'll avoid those. If not that, then it's either straight incompetence, recycled flash scam, or the manufacturer just doesn't give a shit (all of which are way worse than choosing to omit a low TBW rating).
It may seem like I'm nitpicking the word 'roughly' but I don't disagree with the sentiment. Depending on how you want to measure lifetime (jfc don't use MTBF), it isn't exactly linear, but it's not the flash's fault.
> Supporting Android 6 would be like supporting iOS 9.
1. Your point still stands, but this is because this update is probably shipping as a Google Play Framework update, which works on >= 6.0. Google is not (to my knowledge) releasing a new firmware.
Apple would do well to decouple certain software components from iOS, IMHO.
2. In case others are curious about iOS version market share, statcounter's stats for April 2024:
As a developer, that long tail of folks on the previous major version really sucks with fast-moving frameworks like SwiftUI. There's no way my company (a banking app) would drop 10% of customers, so we typically do N-1 for iOS support.
Our Android app shipped almost 3 years ago with minSdk=24 (Android 6.0) and we haven't had to update it.
The web browser is a big issue with this, too. A Safari release broke IndexedDB and they didn’t release a fix for over two months because browser updates are tied to the OS.
If there's a critical security update they can release an update within days. So it's got nothing to do with the complexity of releasing a new OS, it's just that they found IndexedDB not important enough to warrant an out of cycle update.
I mostly work on Windows apps. People still complain when software drops support of Windows 7 released in 2009, or Windows 8 released in 2012. Despite none of them being supported by Microsoft.
It'd be a more fair comparison to take into account Windows 7's EOL which was just a year ago IIRC if you coughed up Extended Support money, its broad install base, and it being the last actually truly decent Windows that had a consistent UI across the place and no ads.
> Apple would do well to decouple certain software components from iOS
I'm not really convinced of this. When you control the entire hardware and software stack, and already provide updates for 7+(?) years per model, would doing this really change much? Google needed to do that because some cheapo manufacturers weren't really providing any updates to speak of, and Google has limited ability to force manufacturers to provide updates on any particular schedule.
It's funny, because to me this is really just the Linux model vs. BSD model, in a way. Linux base systems are cobbled together from various bits of software maintained by different people and groups. Many of those components can be updated independently of one another, including the kernel. The BSD model is to ship the entire base system as a versioned unit, and only update the entire thing monolithically. Android does the Linux model, iOS does the BSD model. Both models work just fine, depending on what your goals are and your distribution model.
I think the one thing I'd argue Apple should decouple from the OS is Safari. A web browser (and the underlying OS web view) should be independently updateable, even after a device stops getting OS-level security updates.
So this has the downside of not being supported for Androids that don’t use Google Play services right? Like the Amazon tablets?
Still a big win overall I’m just curious what number of devices basically don’t get important upgrades due to this method. (Surely a tiny amount compared to what you’d have if you relied on device manufacturers to update the OS.)
Google and Apple have fairly different platform software update strategies so I was curious how the support windows line up. Android 6 was the last supported release on devices like the Nexus 5 and Xperia Z3 from 2013 and 2014. iOS 9 was the last version supported for devices like the iPhone 4s and 3rd gen iPad that shipped in 2011 or 2012. Going forward to 2013 iPhones you have the 5s which was last supported in iOS 12. It sounds like Google is able to ship this directly rather than as an OS update that would need to go through manufacturers, while Apple typically deploys these types of fixes by pushing an OS update. I'm curious how far back they'll go; they rarely ship security fixes more than two major versions behind the current release (so maybe down to iOS 15, supporting devices released in 2015).
> they rarely ship security fixes more than two major versions
Every flagship iPhone since 2011 has gotten at least five years of OS updates, with additional years of security updates after that.
For instance, the original version of the iPhone SE is currently in its eighth year of support, and just got another security update a couple of weeks ago.
One issue with iOS vs Android is that iOS has the browser tied to the OS ala Internet Explorer. Once iOS is no longer supported, you're now using an unsupported insecure browser. And all other iOS browsers sit atop the unsupported insecure browser in iOS.
On Android, the browser is separate and you can install alternative browsers. The current release of Chrome for Android works with Android 8 which was released on August 21, 2017 and dropped January 2021. Android System Webview (the browser engine that other apps can use so they don't have to ship their own) works the same way and is independently updated from the OS.
Updating an app doesn't fix an issue that requires a security update, or a replacement driver.
> Virtually any Android, Linux, or Windows device that hasn't been recently patched and has Bluetooth turned on can be compromised by an attacking device within 32 feet. It doesn't require device users to click on any links, connect to a rogue Bluetooth device, or take any other action, short of leaving Bluetooth on. The exploit process is generally very fast, requiring no more than 10 seconds to complete
A browser update doesn't fix that, and Blueborne was disclosed during the era when an Android device only had a support window of two or three years.
iPhones from over a decade ago were getting security updates, including for the browser, for seven or eight years.
Every month or so someone (usually a security company that wants to sell something) finds a doomsday exploit for Android that is unpatchable, and then it gets patched or turns out to be a non-issue.
> the browser tied to the OS ala Internet Explorer.
Internet Explorer was usually only loosely tied to the OS. Yes, many versions of Windows came with some version of IE, but you could usually install a newer version if you wanted. Every once in a while, a newer version of IE required a newer version of Windows, but that wasn't typical.
As I understand it, on Apple systems, Safari comes with the OS and is updated together --- Safari updates come in OS updates. Mobile IE was very similar though, at least on Windows Phone 7 and newer.
> Safari comes with the OS and is updated together --- Safari updates come in OS updates.
That’s true on iOS but not exactly true on macOS. Upgrading macOS also upgrades Safari, but you can also install newer versions of Safari on older versions of macOS. You just can’t have older versions of Safari on newer versions of macOS.
Two different things, Apple provides a pretty long window of OS updates for each device but doesn't ship updates for older OS versions. For example the 1st gen SE shipped with iOS 9 which has not been getting updates for a few years, but it can run iOS 15 which still seems to be getting security updates.
It probably seems odd when you're coming from a history of devices with a very short support window, but you don't need to worry about years when you only get a security update until you run out of years when you get the OS AND security updates first.
For instance, that original iPhone SE came out in 2016, the same year as the original Pixel phone. The iPhone is still supported by Apple today, while the Pixel phone was dropped from support by Google five years ago.
Google had to come up with a way to backport features to older unsupported versions of the OS because their support window was so abysmally short.
Hopefully, this won't be an issue going forward, with Google promising a comparable support window in the future.
FWIW, WhatsApp claims support back to Android 5.0, and if they haven't changed their support decisions since I left, that means there's a significant amount of users in the wild on Android 5.0. I'm not surprised Google only goes back to Android 6, they were always dropping versions from support before WA did; their threshold must be higher.
WhatsApp's majority userbase sits outside of the US, and it's deeply embedded in many 3rd world countries. I'm not sure how their European userbase compares with the African/Asian userbase.
I reckon the WhatsApp userbase OS distribution skews much more to older Android versions compared to an app that mostly enjoys US/1st world country userbase.
Certainly, the WhatsApp userbase is skewed. But most of WhatsApp Android users are also Google Play Android users (certainly not all, WhatsApp publishes the apk directly), so if WhatsApp doesn't want to cut off X million users on Android 5, but Google is ok with not supporting it, Google almost certainly has a higher threshold value required to keep support. I'd guess the Android 5 users with Google Play and not WhatsApp outnumber the Android 5 users with WhatsApp and not Google Play, but none of those statistics are public.
With the number of Android devices out there, it really makes more sense to think about it in actual user/device count rather than percentages.
Unless I missed a memo, Linux LTS is 2 years of support these days. Many distributions offer 10 year LTS releases, but I’m not sure of any off the top of my head that currently offer more.
I feel like a couple things were mixed that aren't the same. The commenter upthread said 10 years for Windows OS versions. I took that to mean e.g. "Windows 11 will be supported for 10 years from initial release".
Sure, you can often install a modern Linux distro on a 20-year-old device (though just as often, you cannot), but that's not the same thing as a single version of Windows being supported for 10 years. The analogous situation is indeed LTS versions of Linux distros, which certainly don't have 10-year support lifetimes, let alone 20.
But the support lifetimes make sense for the various vendors. Apple doesn't need to support a particular major version of macOS or iOS for all that long, because they make sure new versions of their OSes will run on fairly old devices (all of which are devices they've built, and have full control over), and they aggressively push people to upgrade to new major versions as they come out.
Microsoft has a lot of customers who value stability and consistency above all else, and on top of that, they have to support a wide variety of hardware that they don't and can't control. Supporting a major version of Windows for many years makes sense for them.
As for Linux, there's no one single source, so a rolling-release distro can decide to only support the bleeding edge, whereas a cloud provider might roll their own distro for server use and decide to support that for a decade, if they think that's what their customers want.
I just recently pulled out an old phone that originally ran Android 6 for a project; hardware-wise it still runs perfectly. The only thing wrong with it is that I can't upgrade it to a newer Android version.
From what I understand, backporting won't make a difference, unless vendors integrate it into their custom OS installs, and, from what I hear, they aren't really giving legacy support much love.
They are taking it seriously because of the legal liability issues. Their lawyers are clearly worried about the legal implications of their devices being used to track people and things for illegal purposes and want to make sure they have a level of protection against lawsuits from consequences of tracking devices used for illegal purposes. There are already cases of women being stalked using these devices.
> Their lawyers are clearly worried about the legal implications of their devices being used to track people and things for illegal purposes
Just that Android devices are not involved in tracking of AirTags, as of today only iOS devices actually share the location of AirTags back to Apple.
They maybe want to change that, but considering the huge amount of volume disparity between AirTags and Google's tags, I assume Apple would have to pay Google for the service of extending their tracking-network...
> It’s possible the tracker is attached to an item the user is borrowing, but if not, iPhone can view the tracker’s identifier, have the tracker play a sound to help locate it, and access instructions to disable it.
That means someone can steal your stuff, and then disable the tracker so you can't find it. Most people and myself included were sticking these cheap tags on everything we own, and it was genuinely useful during travel or in scenarios where theft was a consideration.
> That means someone can steal your stuff, and then disable the tracker so you can't find it.
This is by design. AirTags were never marketed as an anti-theft device. They had anti-stalking features from day one which were/are at odds with anti-theft.
It was marketed as helping you find things that are lost, nothing more.
> iPhones share the location of nearby AirTags with apple. Good for the owner of those AirTags, but the owner of the iPhone may not want this.
You can turn this off. Though, doing so is bidirectional: it also prevents your phone from sending out its own Bluetooth beacons when it’s not connected to the Internet, for other phones to pick up. Which might not be what you want. But if you’re worried about privacy impact, it probably is what you want.
Also keep in mind that the protocol already minimizes privacy impact by, among other things, encrypting the location coordinates with a key Apple doesn’t have.
You're right of course, but this represents a huge shift in the way we think about our computers now, and speaking only for myself I don't think I like it.
It used to be that when you bought a computer, it was yours. It did your bidding, nobody else's. Security features it had were about keeping other people out, not keeping you out of your own device.
Now, mostly IMHO thanks to Apple, the idea has really shifted. The owner of the device is a "threat" just like anybody else is. The device protects itself against unauthorized actions from the owner, and it does what the mother company wants it to do, regardless of the owner's desires. If the owner is trying to stalk somebody, then that's a better outcome than having the stalker enabled, but we don't get to pick and choose which things the device follows its owner's desires or the mother company's. If the mother company wants you using their chosen DNS servers, or exfiltrating user data for analytics, or showing you ads (Amazon especially), that's what will happen. Now that we've made it acceptable for companies to behave like this, they are going to (ab)use it to the max. I think this is a tragedy of the commons personally. People optimizing for individual use cases at the expense of the collective, leading to disastrous results for the collective.
One can debate whether anti-theft is a worthwhile trade-off for stalking, but because it's implemented as a peer-to-peer network, the consent of the owners of the other peers is relevant.
The huge shift here is that this feature exists in the first place - it's an on-by-default peer-to-peer network that runs on almost all phones, very few people know about and almost nobody would have consented to if they understood it could be used for stalking.
Isn't this a success of the commons? Apple decided on behalf of everyone else to use THEIR phones to find YOUR missing thing. That's a win for you as the owner of the AirPod. In order to make that decision palatable to the crowd, they tried to make sure your ability to use their phones without asking had minimal opportunity for abuse (they don't want you to be able to track them with their own phone).
I've not heard that term before and can't find it, but I think I know what you mean. If it seems like I've gotten it wrong, then please let me know :-) Thanks, that is a very interesting question. To some extent it may depend on perspective.
I don't think so, because this isn't the commons doing anything, it's just a dictator with all the power forcing people to make the right choices. At least in the case of government enforcement, there's (ostensibly at least) some rights you have and limits/restraints on the government, including democracy which keeps it in check against abuse.
When it's a private corporation like Apple or Amazon just making these decisions, you have little to no recourse (except maybe switch brands, but there aren't many viable options out there for most of these devices. It's not reasonable to point most people to the Pine Phone for example).
To be the opposite of Tragedy of the Commons, I would think it would need to be people self-organizing or self-regulating to prevent the tragedy. If a powerful overlord forces it, I think it's something else.
> It used to be that when you bought a computer, it was yours. It did your bidding, nobody else's. Security features it had were about keeping other people out, not keeping you out of your own device.
Yeah, but when your device can infringe on others, it's ok to curtail those features. No one has unlimited rights.
Cameras (including iPhones with cameras) are allowed to be sold, even though you can point them at someone's bedroom window and infringe on their right to privacy. That's just one example. Another example is my right to peace and quiet in the quiet area of a train. Yet iPhones will happily blast noise out of their speakers there, and I have experienced many iPhone users doing so. When can I expect the phones to ship with a volume limiter?
> but you can't point them up skirts, or walk up to their bedroom window (you have to be at the public sidewalk/street).
What? iPhones will prevent you from doing that? How?
> Cell phones already have volume limiters, too
I wonder if you've missed GP's point... Your volume limiting link looks like a feature that the user can control. That means that Apple isn't preventing iPhone users from violating other people's right to quiet in quiet areas.
What are you even talking about? There's nothing about a camera that prevents someone from putting it in a tree.
And that link about the volume limit? Come on, dude. That's a volume limit which the user can configure to protect themselves from hearing damage. Not even close to what this discussion is about. It doesn't even apply to the speaker! Completely irrelevant.
There can be legal consequences to some speech, but our voice boxes haven't been flashed with firmware that limits our ability to use certain words. This is not at all analogous to what Apple is doing with iPhones. To be the same, it would have to listen/parse everything you say and filter out the offensive parts so other people don't hear them. It would also need strong technical measures to prevent you from flashing your own voice box firmware that allows you to bypass Apple's restrictions. If you can point to an implementation like that, then you may have a point, but I'm entirely unaware of the existence of such a thing.
I don't know where you live but that isn't at all true anywhere I've lived.
I've had two reasons to need to "find" things with AirTags where I specifically didn't know where they were:
- airline bungle, so luggage was left at a transit airport.
- forgetting where something had been put down.
But the most common usage is the opposite, positive confirmation: we've just left for the airport, check if everything says "with you" once you're a few hundred meters down the road.
If the most likely reason for something to be "lost" is that it was stolen, maybe you should move somewhere with a less than apocalyptic level of petty crime.
Perhaps zarzavat just isn't prone to losing things.
Personally, I'm careful enough with my keys etc (and lucky enough) that I don't lose them - I lived for several decades before the invention of the airtag, and developed habits not to lose things.
On the other hand, bicycles getting stolen? That happens.
There's a big difference between "theft isn't a concern" and "theft is the main reason things are lost". A place where you're more likely to get your things stolen than you are to misplace them is definitely a place with above-average crime rates.
And while I don't know where you've been and what your tolerance level for "worrying about" theft is, I've never worried about theft anywhere but very touristy places in huge cities.
It sounds silly, but I understand where he's coming from. I used to live in Philadelphia. You couldn't leave your bag down on the subway without someone running off with it right before the doors closed.
Wild. A family member of mine has paranoid schizophrenia and if something isn't where she thinks it should be she immediately jumps to "it was stolen." Even if the glasses are on her head or the phone is literally in her hand, she'll declare it was stolen and get upset.
It makes me wonder if she lived in one of those places earlier in her life (before I knew her) and might be more justified than it seems... ?
I know lots of people think that when they can't find something; it doesn't mean it is schizophrenic behavior in and of itself. I remember as kids discovering that other friends of mine also jumped to that conclusion. To my knowledge, none of us were then or are now schizophrenic.
Sure. I also live in a place where you can't leave your belongings unattended even for a short time without a high risk of them getting stolen. But there's a simple solution to that: don't leave your belongings unattended, ever. Everyone I know who lives where I live knows that, and the incidence -- at least among my friends -- of losing things to theft is super low.
I don't think this is a good situation, mind you, but I think people in my circle still misplace things orders of magnitude more often than their stuff gets stolen.
Uhh, I don't know about that. Since getting airtags I've misplaced my car keys multiple times, left my wallet on an airplane, and had multiple airlines misplace my luggage. In that same time I've not had anything stolen.
It is when it's countering other anecdata. If anyone has actual data then by all means show it and that will trump the anecdata, but without that, anecdata is all we have.
They weren't marketed but it was implied. If you forgot, they had to patch them a while after release due to stalking concerns so that "day one" point is moot.
> To discourage what it calls “unwanted tracking,” Apple built technology into AirTags to warn potential victims, including audible alarms and messages about suspicious AirTags that pop up on iPhones. To put Apple’s personal security protections to the test, my colleague Jonathan Baran paired an AirTag with his iPhone, slipped his tag in my backpack (with my permission), and then tracked me for a week from across San Francisco Bay.
> I got multiple alerts: from the hidden AirTag and on my iPhone.
Design doesn't matter after a point - you have to meet your users on their turf. Most people were using it for other reasons - and if Apple's stance is, fine - don't buy it, then so be it.
The device, from the beginning, was not designed as an anti-theft tracker. It’s always had features that made it unsuitable for this use case. At every point Apple has made it very clear they’re not interested in meeting users on that turf.
Users can say they’re not interested in it because it doesn’t suit their needs - that’s completely fine.
Source? I just use them to find my keys and remote, didn't know it was popular to try and recover stolen property given the alerts when you're near not-your-airtag for any length of time.
Police department recommendations are often wrong, and often based on either poor information about the domain the advice is being given in or actively-promoted (by police leadership) disinformation.
Police agencies aren't systematic domain experts except in the application of force to obtain compliance, as well as not having an interest in accurate advice.
There have been news articles since practically the day of release. I tracked stolen keys to a house a few miles away, but didn't feel like risking my life for them.
There are any number of products allowing you to mount them inconspicuously.
The killer use case here, as I think most people have figured out, is figuring out where your stuff is when it's in a system you don't have visibility into. Like if UPS says it's "on the way" from NYC to LA or something, and especially if the airline isn't sure where your luggage is. It's just spectacular for that.
And of course where did I leave my keys and is my backpack in the car or at work stuff, but that's the obvious/advertised use.
> For any product, users should be free to use it for any (legal) use they see fit.
None of these companies ever agreed to be bound by that value, and aren’t under any obligation to adhere to the tenets of Hacker culture. Hackers as a group have failed to convince the public that these things matter, so as far as these businesses are concerned, they don’t.
Like, I agree, it sucks when companies restrict what I can do with a device. But when that happens I don’t talk about it like they betrayed me, I knew what I was buying and decided to buy it anyway.
> Hackers as a group have failed to convince the public that these things matter
I distinctly remember friends at Apple being surprised, in the aftermath of San Bernardino, at the backlash they received for refusing to break the encryption on the shooter’s phone for the FBI [1].
You’re free to use the purchased device. You’re not free to demand changes. It’s not like you’re unlocking functionality that should be built in. Changing this would require patching the firmware of every iPhone.
The reason Apple designed it this way is so that someone can know if they are being tracked. If an air tag not associated with your phone is close by for a certain period of time, then it notifies you that you are being tracked.
This is a safety feature and it's been there since day one.
Every phone is already being tracked and logged. What you're really saying is that people often tolerate some tracking if done by CIA/phone company/Apple/Google/FB. We're just playing with semantics here. Tracking is either acceptable or not. The only real solution is to go off-grid.
It's reasonable for a person to have a threat model that's more concerned about their violent narcissist ex attaching an AirTag to their car than about the CIA.
If the FBI wants to obliterate me, they can get a warrant and send goons to my house. The costs of preparing for that threat model are excessive, so I don't.
If some scumbag ad company wants to track me, they can eat shit on my adblocker and not track me. The cost of preparing for that threat model is trivial, so I do.
CIA/phone company/Apple/Google/FB/some rando are all different, independent, situations; as a reasonable adult I have decided that some of them are acceptable, some of them are not.
>> helping you find things that are lost, nothing more.
So it is now on me to know whether my object is lost or stolen? Even if I magically knew all the details, that isn't a bright line rule. One person's "lost" luggage is another's stolen electronics. Clearly, more people are using these things to track down stuff that has been taken rather than find the remote control lost somewhere in their living room.
Will Apple allow people to disable the tracking of other people's iPhones too in the name of privacy? What if my wife leaves her phone in my car? Can I get tracking disabled on that phone so she cannot track my location?
> So it is now on me to know whether my object is lost or stolen?
No. AirTags let you track your objects whether they are lost or stolen. It's just that they also alert potential thieves to their presence, so any reasonably competent thief will be able to disable them.
> Clearly, more people are using these things to track down stuff that has been taken rather than find the remote control lost somewhere in their living room.
My use cases are to (a) find items that I misplaced or lost somewhere on my own. (b) track the whereabouts of luggage that got lost by an airline.
These cases are not particularly hindered by anti-stalking mechanisms.
CR2032 batteries are lithium batteries, so they do fall under the rules for "Spares" (no to checked baggage). They are permitted "In Equipment" for checked baggage. They are on the "Lithium Metal" row as one of the three example photos.
At some point, airlines were raising concerns, but the rules have changed.
When I recently pointed out to the lost luggage department at an airport that I knew for a fact that the luggage (or at least the tracker) was right at the airport, they did not appear to be surprised or concerned at all.
> That means someone can steal your stuff, and then disable the tracker so you can't find it
This has always been the case with AirTags. They've had anti-stalking notifications since day one, and disabling one is as easy as a quarter twist of the case to remove the battery.
It's possible to build your own tracker atop the Find My network without these anti-stalking features. The Find My network can even be abused for low bandwidth data transfer from any point in the world with an occasionally nearby iPhone.
The biggest anti-stalking feature is that the tracker will beep when it's notified when it's moving in proximity with a phone or other device. So obviously it's trivial to create a tracker that doesn't beep.
Your phone can also refuse to send notifications about the location of a nearby tracker if it thinks it's being tracked, but if there are a bunch of other phones nearby that can relay that information there is nothing to stop them from doing so.
That’s because Apple themselves limit access to authenticated (but supposedly anonymous - aka doesn’t matter whose) Apple IDs before allowing access to the geodatabase.
Not for long, since cross compatibility with android is apparently coming.
IIRC, they need you running macos to get the data via a plugin for apple mail. If you only needed an appleID, it could likely be done in a web browser.
The cross compatibility is only for anti-stalking features, and is probably implemented in such a way that you couldn't use it to implement a tracker that works in both systems.
What I don't get is why nobody seems to have done the work to reverse engineer the onboarding workflow, and why Apple doesn't allow onboarding on Mac devices. I had to buy a (used) iPhone just to onboard AirTags, despite onboarding Mac devices working without one.
If I were to do this on a certain chip and put it in a random person's car, wouldn't they get a message showing 'X found moving with you'? Or is that only implemented for AirTags themselves?
Yes, they would, it tracks all BT devices, not just Airtags.
But even with an unmodified tracker, it's quite hard to locate one in a car, because there are a lot of hiding spaces (especially if you put one in some hard-to-reach space such as under the carpet in the cabin etc...).
Using randomized or rolling addresses avoids detection to an extent, depending on how many randomized addresses one uses and how often they're rotated.
However, it's also trivial to detect randomized (or rolling) addresses due to the address being utilized for more than a single locality. Although, I'm not sure that either Apple or Google is actually doing the randomized detection even with this new patch.
Yeah, I think the point of these devices is for locating lost items, not stolen items. Trying to handle the stolen use case but not allowing nefarious tracking seems to be at odds with each other.
Depends on what you're trying to track if it's stolen. A compartment in something like a car or an eBike that allows removal only by using an actually high-security key (i.e. something that LockPickingLawyer can't pick) or power tools that would seriously compromise the structural integrity of the thing in question would be something I'd pay serious money for... but no manufacturer of anything I'm aware of has actually gone that far.
VanMoof bikes connected to the Find My network if I remember correctly. I thought you can pay for access.
But to disincentivize theft, any device would have to be built in such a way that swapping the electronics or discarding that tracking module makes the device you were protecting worthless. Lots of secure handshakes between paired components, very secure software kept up to date, etc. which sounds unrealistic in most cases.
Together with that network access fee probably makes such solutions economically infeasible today.
> But to disincentivize theft, any device would have to be built in such a way that swapping the electronics or discarding that tracking module makes the device you were protecting worthless.
Not really. It just needs to be so difficult to remove without a key that thieves physically cannot remove / disable the tag without threatening the stability of the bike, car or whatever.
Doesn't need to be perfect, all it needs to do is provide sufficient survival time against your average crackhead.
An AirTag is a lost item tracker. What I was mentioning is a stolen item tracker. Very different propositions.
You’re proposing something that may be a paradox. The only way to make something physically hard to remove is to integrate it. Locks are proven to be ineffective for this purpose. When this ideal lock is invented you will simply lock your bike with it directly and achieve the goal of theft deterrence to begin with. No need for tracking if stealing the bike destroys it.
Getting an AirTag into a mechanically locked compartment of your bike is useless. You even mentioned LPL so you know any such lock will be bypassed in a matter of seconds, maybe even less time than it takes you to put the AirTag you just bought in there. So your theoretical protection model hinges on something that doesn’t exist yet: a lock that you can easily open to put an AirTag in and service it but that nobody else can unlock.
Car or e-bike manufacturers paying for access to any “find my” network means they can heavily integrate the expensive electronics in a way that makes removing the “tracker” part truly impossible (it’s on a main controller chip) or severely devalues the object if you do (the chip/board is prohibitively expensive and impossible to find on the open market). It’s more expensive and kills self repair but reliable anti theft might be worth it to you. Think of the iPhone model here.
At the end of the day the Find My network exists to be used by different manufacturers [0]. The unpickable lock doesn’t.
> An AirTag is a lost item tracker. What I was mentioning is a stolen item tracker. Very different propositions.
There's two different types of "stolen items"... you got organized theft, stuff like people stealing cars that are then parted out in Eastern Europe [1]. And then you got stuff like people going for joyrides - this is something that can be solved by even a decently hidden AirTag.
No I get that. For cars it’s actually a lot harder because they have a lot of valuable parts that can’t be meaningfully secured.
And joy rides are the worst of all because the perpetrators aren’t around by the time you locate your car or bike. Locating it is actually the least of the worries, it’s usually crashed somewhere or thrown in the river.
But a phone, e-bike, or expensive camera, etc. are better served by integrated “Find My”. If it gets to Shenzhen it’s lost anyway but otherwise removing the activation locks or location mechanism in practice will destroy the core of the device.
Locking an AirTag behind a mechanical lock cannot achieve the same. It takes a minute to pick or drill the lock and ditch the AirTag in an envelope to Shenzhen. Think of LPL and what lock can prevent that. The lock is still the weakest link and if it can’t protect the bike directly, adding layers of complication directly relying on the same weak link seems pointless.
Can you please describe what scenario you imagine an airtag would be useful in tracking down a stolen item in an airport?
I ask because I'm at a loss. BLE from these little devices has ~40ft of range on a good day, and even if a mesh network were involved, I fail to see what the airtag could do that would help you recover your item. Sound an alarm? Great, the thief knows where it is now, and they can just yank it out and throw it in the trash. Give you GPS coordinates? Great, that'll really help after you find security, tell them what happened, convince them it's urgent, and explain to them what they're looking at when you show them the app. Of course that all assumes the airtag (or a nearby mesh device) has a useful GPS fix, and the thief hasn't already found the tag and thrown it in a trash can or something.
Imagine you put an AirTag somewhere deep into your suitcase, and someone malicious steals it and then drives off with it. With the current model, the thief will get notified there’s an AirTag traveling with them, and they can play a sound, find it and remove it / disable it.
Imo without these features it would be rather unlikely for a thief to find AirTags quickly or even realize it’s there.
The ~40ft range is more than enough, the global mesh network of all iPhones is the whole point of the AirTags, there’s no “gps fix”.
So we're in agreement about the technical situation at hand - rely on nearby devices' location data. This should work fine in most airports, sure.
I'm still stuck on all of the friction involved in actually using airtags as a theft recovery device. Neither the tag nor Apple's service can contact police or airport security on its own, so you're spending who-knows-how-long flagging down security, explaining the situation, and waiting for them to relay that message back to an appropriate authority who will go find the thief.
Alternatively, you skip the "talk to security" part entirely and go find the thief yourself (assuming you're comfortable with that sort of confrontation). You're still dealing with a moving target - one that can very easily leave the airport entirely, forcing you to choose between sacrificing your bag and potentially missing your flight, a cab, etc.
You also run into a proliferation issue. The more popular airtags become as a theft-recovery device, the more thieves will know to look for them and remove them from stolen items.
Google Maps generally shows my location inside of airport terminals pretty accurately, so it stands to reason that the network of iPhones in a terminal could plot a tracker's position pretty well. If someone has your bag and you know which direction they're moving, you could possibly catch up and get close enough to either spot it or (assuming you have an iPhone 11+) get an Ultra Wide Band fix to finish pinpointing it.
Bury the tracker somewhere too inconvenient to locate and remove quickly, and they'll count on not removing it until later (or they'll just ditch it once it starts beeping).
> Most people and myself included were sticking these cheap tags on everything we own, and it was genuinely useful during travel or in scenarios where theft was a consideration.
Yep. That ruins half the value of AirTags. It's a limitation that their competitors, like Tile, didn't have until very recently.
Every time this comes up, someone butts in with "they're for lost items, not stolen ones!", which is technically accurate but pedantic beyond reason. "Stolen" is a special case of "lost" for most people. In both cases the object is out of the owner's possession. "Stolen" just means it's deliberately missing and not accidentally so.
I understand, sympathize, and support the idea of making life harder for would-be stalkers. My gut instinct says non-notifying AirTags would make life harder for many more thieves than the self-tattling AirTags do stalkers. Apple and Google agree with each other that inconveniencing those losers outweighs abetting thieves. That's their decision to make. I'd still be irritated if I couldn't find my lost-with-the-help-of-a-thief bike because my AirTag told the thief I was looking for it.
I think the idea is that thieves that have already been successful at removing the item from your possession are much less of a threat to your life than someone who is actively tracking where you are. It's a debate worth having, which one should be the priority, but I can appreciate the logic of doing it this way.
I can, too. I can also think of counterexamples: if a person is broke, they use their bike to get to work, and someone steals it, that's going to give them a very, very bad week. There's some hard calculus there I'm glad I'm not in charge of. Blocking 1 stalker is clearly more important than blocking one sunglasses thief. I suspect that blocking 1,000 bike thieves would have a bigger societal benefit than blocking 1 stalker.
These are hard questions. I can appreciate the challenges. And yet I'd still be highly peeved if I could my AirTag laying on the ground because it alerted a thief who then removed and discarded it.
Stalking is way more common than successfully recovering items with a tracker like this. It’s usually a bad idea to even try. I followed a tracker into someone’s yard only to discover that the thief had thrown the tracker over the fence and I was just trespassing.
Even if the tracker didn’t alert the thief, how hard is it for a thief to find a tracker on the bike on their own? I don’t think an AirTag is going to save too many bicycles.
Seems like the calculus would only make sense when you are talking about big expensive items - cars, boats, RVs. But for those you probably want a non-bluetooth solution.
The bikes getting stolen here are people's "cars". Electric cargo bikes with room for two children is what people use to get around. Getting that stolen ruins daily logistics for people. They cost up to $10k, which is a significant amount of money. People should really rethink the societal cost of bike thieving, they are both more expensive and more integral in how people move around. Not just children's toys.
I only want AirTags or similar to guard against thieves. So if that is not going to work it's quite useless for me. Luckily for bikes, there is https://bikefinder.com/
So I've got the tools to cut that thick bike chain but I somehow can't pull the device inside the handlebars out or destroy it? It looks like their special tool is just a star security bit.
And also, would it really hold up to just being cut with whatever tools the thief used to cut your bike chain?
I think we can agree that victims of domestic abuse and stalking have a risk of physical harm and that physical harm trumps property rights / being peeved right?
This is a 0-sum choice & erring on the side of not letting this product be used for stalking seems like a sane choice. There are stalking products you can go buy that are more expensive that can give you the theft protection you want. Apple's and Google's monitoring network is unfathomably large and can passively monitor any device anywhere in the world. The threat vectors they have to balance against abuse is completely different.
You say that right after I give an example of where property crimes can seriously mess up someone’s life. Yes, 1 person’s personal safety is more important than 1 person losing a convenience item. If it were a choice between 1 person’s safety and 1,000,000 persons’ transportation, I’d pick the latter every time.
The choice Apple faced clearly isn’t 1 stalking victim against 1,000,000 people unable to get to work. I use that example to show that it’s not as simple as “safety vs annoyance”. Apple and Google ran the numbers and erred on the side of safety. That doesn’t make it an automatic or simple choice.
Think about it this way - without AirTags and with AirTags + anti-stalking, your bike theft scenario is unchanged. Without airtags and with AirTags without anti-stalking, your personal safety scenario is worse. Those are the discussions I remember when I worked on CoreLocation at Apple. It had nothing to do with running the numbers, at least pre-development. I would be slightly surprised if someone tried to put numbers to that - Apple is pretty values-based when it comes to those kinds of decisions.
The stalking issues go well beyond personal safety. Police officers, judges, politicians and cops who now have to worry about someone chucking a $25 airtag in their car which is much easier to do innocuously and those people have power to craft regulations and laws. Abortion rights are even more contentious now & stalking comes up there.
There just isn't a scenario where opting in the entire world-wide smartphone community into enabling mass stalking at a never before price point is a net positive - there just aren't enough poor people with stolen bikes to shift that equation. There's a reason AirTags destroyed Tile - Tile's network is laughably small & would always be that way compared with the reach you get at the OS level. That drastically shifts the threat model.
We'll never know. The personal safety issues are important and I'd never argue otherwise. Having cheap, effective crime deterrence seems like it could be a nice thing if you could wave a magic wand and remove the stalking angle. Apple keeps adding features to those ends, like the new Stolen Device Protection updates, that shift the risk-reward math for device thieves. I could still buy a cheap used phone and stick a SIM in it, hide it in a victim's car, and use that to track them without alerting them to it. And still, we get nice tools like Find My because more people are likely to lose their phone or have it stolen than to stalk their exes with it.
I understand the personal safety issues. They're important. I get it. That doesn't stop part of me from wishing I could use these cheap, convenient lost item devices to help me track down stuff that wasn't exactly accidentally lost.
Buying an old phone or watch and using FindMy is a compelling counter argument. The problem is that the cost of that is meaningfully higher - it’s a $25 one time purchase vs ~$50-100 + a recurring ~$30/month. The size of the device is another one - the phone or watch is substantially bigger than an AirTag (or how small an AirTag could become over time). Finally, a phone or watch has a much shorter battery life to support tracking. You could trade off accuracy for a much longer battery life, but you’re still capped to maybe a couple of days or even a week if you really know what you’re doing. That’s compared with ~1 year of unattended AirTag use.
As for crime prevention, I think you’re overestimating how much of a benefit that would have. Stolen device protections remove the value from the stolen device. That’s not the case for your stolen bike - thieves don’t actually care if you can track the device because a) knowing where your stolen property is doesn’t actually aid in it getting recovered b) as long as they can move the stolen product along quickly enough the information becomes too stale to action on it (remember - police usually need a search warrant). My cousin’s car got stolen with AirTags in it but he got lucky in that the police did something about it - plenty of news stories of AirTags in cars with people trying to get the police to do something and the police not being able to for a variety of reasons. And that’s cars which are orders of magnitude more expensive than bikes that police won’t bother with. Look up VanMoof theft stories to convince yourself that tracking is useless: https://www.reddit.com/r/vanmoofbicycle/comments/zbexyr/upda...
Smart watches are not meaningfully larger than airtags if you take the wristband off, and a cheap prepaid plan for $5 or $10 would be more than sufficient. You also don't need FindMy because the cell network itself can triangulate.
There is a genuine need for anti-theft technology. Apple doesn't have to address that market, likely because they're afraid of brand damage, but stalkers already have plenty of options available.
As I said, the battery model is drastically different for active trackers. 7 days of surreptitious monitoring vs 1 year changes the risk profile of noticing these trackers / how many you can have before the logistics of recharging all of them wears on you. And if you’re unlikely to recharge each of these every single day, your protection drops on average to 3.5 days.
It’s not just brand damage - passive tracking using every single smartphone opted into the tracking vs active tracking where you have to expend more battery AND pay for an ongoing cellular connection each month is a tangibly different use-case with different threat models.
I'm assuming you're waiting until the end of the 7 day battery life to recharge it (e.g. you recharge every Sunday) and I'm assuming the probability of a theft is uniformly random throughout the week. Thus, on average, you'd expect stolen devices to only have half the battery left because there's equally many stolen on the first day (7 days of battery left) as on the last day (0 days), equally many stolen on the second day (6 days left) vs penultimate day (1 day left) etc etc. At scale, that would average out to stolen property having attached devices having half the advertised battery life.
You can argue that you'd be more diligent about recharging but I'd counter that at scale you'd be the outlier. On average I'd actually expect an average battery life when stolen closer to 0 because people wouldn't be diligently recharging them & reattaching them (i.e. either the battery life would be 0 or the device wouldn't be attached to the desired property).
I don't think people would only charge when the battery runs out. More likely people would charge weekly, say on a weekend night or during their weekly WFH day or something like that.
A 14-day battery life would then mean an average of 10.5 days of protection, which isn't too bad.
> You can argue that you'd be more diligent about recharging but I'd counter that at scale you'd be the outlier.
I don't know about this. For bicycle users, charging their rechargeable headlights and taillights regularly (typically once weekly) is very much a habit already. This is just another thing to charge at the same time, which is a time they aren't riding their bicycle.
Thanks for sharing your experience at Apple. It's really valuable to understand exactly how decisions are made at big tech companies, especially for sensitive issues like this.
That said, I'm saddened that the approach seems shortsighted, since it doesn't sound like it considered a holistic picture, but rather was based on a specific value judgement. This seems to put other issues, like the whiplash around the approach to CSAM into perspective.
That isn‘t enough reason to make these things useless. A knife can be used to kill someone and to cut meat. And we still haven’t removed the sharp edge, have we?
There is a big liability issue for these companies if they say it's for tracking stolen items. Anecdotally according to reddit threads, police don't care if you have the tracker showing it's at the thief's house, that's not enough evidence to do anything and it's not an active crime with people in danger worth being prompt about. Law enforcement also don't want you to confront the thief due to the risk of that situation escalating. If these companies start advertising for stolen items they are effectively encouraging vigilantism and you can imagine how much of a legal headache that will be as soon as the first airtag user is shot dead.
Airtag pinging a location that may not even be accurate is not a reasonable cause for search nor even enough information to know where to search in some cases. Imagine the airtag says it is in an apartment complex. Which of the hundreds of units in that building do you decide to barge through and search? All you have is a 2d map and 35ft resolution on a good day.
Not sure what I'm missing here, as Airtags have long worked like this - that as long as you had an iPhone or an Android phone with the anti-tracking app installed, you'd be notified of being stalked.
So if your bike thief had an iPhone, they'd be able to find the tag anyway?
AFAIK the only major difference is that it's now being baked into the Android OS so people don't need to actively download the app.
Yes, I think the PR backlash for such features is too great that it spoils them for the rest of us.
When people "misuse" any technology, it seems the consensus nowadays is that the responsibility is shared between the technology creator/owner and law enforcement. Personally, I'm not fully sold as this is mainly a sociopolitical question.
It would 100% be used for stalking & be directly contributing to easier violence against victims. Not sure I buy the argument it's purely because of image PR reasons vs there being a genuine well-founded harm-minimization strategy for why it's designed this way.
You can call anything you do as a "genuine well-founded harm-minimization strategy", but nobody is out there banning knives and gardening shears and shovels and baseball bats and other tools that can contribute towards "easier violence" because of the cost to society. You either have an absolutist/ideological view on this, or you're willing to compromise. Ultimately it's a matter of perception, and then too, some people are easier to convince than others.
I really don't understand your argument here. No one is banning you from building stalking devices. Apple and Google have chosen by themselves not to do that & are working to standardize their particular implementation (which you can also see in this thread there's a lot of support for). That's very different from banning knives and gardening shears.
And I think you are taking a very US-centric view. For example, switchblades & similar quick-open knives aren't legal in many jurisdictions. So yes, many countries recognize that tools have a trade-off and are willing to legislate their usage depending on problems being observed.
It's very rare to find a true absolutist on any ideology unless they're completely blinded - it's just that they draw the line further away than someone else / need a stronger argument to convince them. For example, I'm going to guess that you're not in favor of laissez faire with respect to nuclear weapons & tech - cause that shit is actually really easy and cheap to build these days & the sole difficulty is the regulations that surround it.
>I really don't understand your argument here. No one is banning you from building stalking devices
I use airtags to not just locate lost stuff, but also as a potential means to find stuff when stolen. It's not about me wanting a way to stalk someone, what a bizarre thing to say!
>It's very rare to find a true absolutist on any ideology unless they're completely blinded - it's just that they draw the line further away than someone else / need a stronger argument to convince them.
Oh, I'm not a libertarian, I'm firmly pro-government. I'm just not pro-nanny state. I'm willing to compromise if the other side is too. However am I not allowed to complain, even a little?
> It's not about me wanting a way to stalk someone, what a bizarre thing to say!
Please describe how what you’re asking for is different than stalking the people who stole your stuff? More importantly, how would Apple/Google know how to differentiate between the two use-cases?
> However am I not allowed to complain, even a little?
You can always complain but your complaint is pretty nonsensical because this is private corporations making a decision and government isn’t involved, so it’s unclear how this is a nanny state. Go build your own tracker that meets your specifications?
And yet tiles have been out for something like a decade and I've never seen a news story about them being used for stalking.
100% indeed...
Stop your screeching that is feeding the asinine moral panic that has resulted in these things becoming worthless for tracking packages and stolen items.
1. You need to go compare the reach of how good Tile’s tracking is vs literally nearly every smartphone being opted-in transparently into tracking these tags. This is drastically different.
2. Tile is a smaller target, so “I’ve never seen a news story” just means the reach of any such story is smaller.
3. Maybe Tile already has similar protections? It’s against their TOS [1]
4. Tile has been sued for stalking [2]
5. Tile is offering an anti-theft feature provided you have to use biometrics & give them a government ID and you have to agree that they’ll sue you if you use it for stalking [3]. So Tile too is clearly concerned about the stalking problem, they’re already being sued around it, & they’re a drastically smaller target than Apple and Google (no one is going to craft legislation around what Tile is doing). Apple is 3x the size of Tile by itself.
You can disregard it as moral panic but how would you distinguish that from a genuine concern of the potential for an abuse for a technology? Strict liability isn’t popular these days but it has ebbed and flowed as a doctrine. Failure to try to do a good faith attempt to prevent this problem would certainly land Apple and Google into hot water when a case of stalking inevitably happens using these devices.
3. Tile doesn't (or at least didn't as of when I replaced my last one with an AirTag). I don't put much weight in the TOS bit; I'm sure it's against Apple's, too.
5. If Apple launched an AirTag Pro at twice the price with these controls but otherwise identical hardware, I'd be all over it. They're leaving money on the table.
So which is it? Is it unjustified moral panic with 0 evidence of harm & Tile isn't doing anything or are you just upset that these big companies aren't building the product you want to buy?
With 5 you're now shifting goal posts by introducing a non sequitur to my point 5. I've clearly highlighted that Apple always balances money-making opportunities against their values around privacy & public safety. No one is forcing you to buy this product. You should also fully expect to see Tile utilize this standard so that they can leverage the reach of having every smartphone in the world scanning for these instead of just other Tile customers.
I think you're right. I get the push toward that consensus. There are plenty of makers (cough cough Purdue Pharmaceuticals) who make awful, abusable things and then say, hey, it's not our fault people are misusing them! It still sucks getting caught in the middle.
Thinking system-wide changes through is what public policy is all about, and the same should probably be true of shipping devices in the tens of millions.
(That doesn’t mean it’s easy. Doing pilot studies is a good idea.)
It's a fundamental tradeoff. And who's affected in each case?
The anti-stalking bias degrades the product for people who've bought an AirTag and become victims of theft. It's a limited population. People are unaffected by default.
The anti-theft bias means everybody is a potential victim of stalking. If I have no interest in AirTags, anybody else can still tape one to the bottom of my car and track me wherever I go. Everybody is potentially affected.
Even if theft is far more common than stalking, an anti-theft bias would be a tough position for Apple to defend if it means they're potentially facilitating stalking for the entire population. It may not be ideal, but I can understand it.
You also have the situation where if air tags did not have the anti-stalking features, there would be far more stalkers in the world. I'm sure there's many people who would not buy a GPS logger and connect it to someone's car, but they might "forget" an airtag in someone's car, were it not for the anti-stalking alerts.
I suspect if Apple went the Anti-Theft route, thieves would not stop thieving, they would just start searching large stolen items for air tags before bringing it to wherever they may.
I believe you’ll find that tracking your stolen items is just a recipe for frustration when you tell the police where your shit is and they act like you’re the asshole when you expect them to do anything about it.
(And no, this isn’t connected to current politics—I’ve not known cops to care about tracking down stolen goods no matter how much evidence you can hand them, since at least the 90s)
This so much. Confronting thieves is always a bad idea. I prefer to view it in a positive light. The thief probably needed the stolen item more than I did. The thief is happy, I am happy for the thief. The overall happiness in the world has increased!
> inconveniencing those losers outweighs abetting thieves
This feels incredibly minimizing for people who have been stalked. Or people fleeing domestic abuse, human trafficking, or other forms of abuse where controlling a person’s movement is a large part of the harm being inflicted.
Stalking covers a wide range of activity that impacts people who are usually in a vulnerable or dangerous situation. The people who would use tags to track people aren’t just “losers”, they’re pimps, rapists, murderers, abusive spouses, and so many other awful things.
Inconveniencing them far outweighs someone stealing your luggage.
They are already pretty worthless as far as air travel goes in my experience. Airtag indicated my bag was on the tarmac at the first airport pretty much until it dropped in front of me in the baggage carriage at the last airport. Effectively it gives me zero information I didn't have already from the old analog method of using one's eyes and following up with airline staff.
Their utility is directly tied to how many Apple devices with gps and data are in close proximity to them.
I get significantly better responsiveness from them at an Australian airport or Singapore airport than I do at Bangkok airport. That doesn't mean they don't work, it just means it's unrealistic to expect minimum wage baggage handlers in Thailand to have an iPhone in their pocket.
What about baggage handlers at two major US hubs where this bag flew? Plus presumably an entire plane of iphones and that plane is certainly not a faraday cage.
It's crazy, but sometimes people have non-Apple devices. There's a decent chance none of the baggage handlers had an Apple device on them when they were handling the bag, or they were only around the bag so briefly it was between the airtag's chirps.
There's a good bit of separation between the cabin and the cargo hold. I imagine it could be pretty difficult to get a read from a low power tag deep in a bag in a pile of other luggage with several other big metal plates between.
That was a case where Lufthansa was confused about the difference between (volatile) Li-ion rechargeable batteries and the (benign) Lithium single-use coin cells in the AirTags. They retracted their stance on them after a day or so. It was a fire hazard thing, not a "we don't want you tracking items" thing.
Lufthansa, like other airlines, was pissed that customers were routinely catching their employees claiming their luggage was "lost" when it was sometimes even sitting a few dozen feet from the person who was claiming the luggage was lost, so they made up some obvious nonsense about them being hazardous.
Unless you think a huge, high-end airline "got confused"? It wouldn't have been against regs even if it was a lithium ion battery because it's so tiny. What do you think they do about the millions of electric toothbrushes and shavers people travel with that have much larger lithium ion batteries?
They retracted it because it ended up causing a Streisand Effect, putting a lot of sunlight on how airlines do a very brisk business selling "lost" luggage.
> Unless you think a huge, high-end airline "got confused"?
Having dealt with battery regulations with airlines, couriers and postal services many times, yes, yes I do. They routinely fuck it up, even claiming that AA Alkaline batteries are too dangerous to ship.
> They retracted it because it ended up causing a Streisand Effect, putting a lot of sunlight on how airlines do a very brisk business selling "lost" luggage.
... and lots of cases of "lost" luggage being due to the fact that decades after implementing paper tags, neither airlines nor bag/trolley manufacturers have gotten their asses together and worked on a standardized way to reduce instances of tags simply getting ripped off during handling.
Like, it wouldn't even be that hard. Place a long, wide recess maybe 2mm deep along the entire trolley, where the tag can be stuck in and is guarded that way against conveyor belts or other bags ripping off the tag.
And maybe invent a system where you have to scan your boarding pass and the tag barcode to leave the baggage claim area to reduce the amount of cases where people have taken the wrong bag.
Aren't there third-party devices like Tile that you could use? Sure, it can't be tracked by every iOS and Android device, but it's not like there aren't trackers that you and your wife could both use.
CEO of Tile/Life360 here - I made a meta comment but I'll call out that because all Life360 users now scan for Tiles, and we are on 1 in 8 phones in the US, our network is actually huge. The small network thing is a misperception. We bought Tile knowing we could supercharge their previously small network.
I was in the location data space. These guys got out completely. It was a big loss to the industry since they had great coverage. They definitely weren’t lying about that.
I'm a Tile owner (soon to be ex-owner), and I think your response is a little disingenuous. When Google announced recently they'd open up their Find My Device network to bluetooth trackers, I assumed for sure Tile would be on board. I was dismayed to discover Tile specifically has no plans to join the Android Find My Device network, unlike Chipolo and Pebblebee. So I switched to Pebblebee.
The Life360 network may be sizable but it's going to be nowhere close to the iOS or Android networks, and it's going to get a lot smaller with folks like me leaving. If Tile supported the Android Find My Device network I would have stayed.
I disagree. There's a clear disclaimer of who they are, and they're responding to a specific criticism.
Their comment at the top level also has that disclaimer and while it's written in a bit of a marketing tone, it adds substantive value to the discussion.
One major value of HN is that we get people who are actively involved in building various pieces of technology directly engaging with the community. When there's a strong disclosure of who they are, that's almost always a good thing. (Of course, some organisations don't encourage that disclosure and that's a little more ambiguous).
I think it's pretty fair to make this clarification and I don't fault a company for wanting to squash misinformation about their product. I found it to be a useful comment because I had no sense of the scale of the Tile network, and I did have an intuition that it was much smaller.
I have zero affiliation with Tile and I have never bought any device like this of any sort, but this is useful information to me as someone who has been the target of frequent bicycle theft.
The criticism I will agree with is that it does feel worded with a bit of a corporate polished tone that does give that vibe. edit: I think it's largely the "supercharge" descriptor.
Like @RobertRies, I found this comment useful. I've never bought a Tile but now that I know they have this much penetration I'm somewhat more likely to. I also had not seen the other posts by GP, so don't find it redundant.
These trackers work by connecting to nearby phones, with the phone supplying GPS information and uploading it via its cell connection. So a Tile tracker will only get its location updated if someone with the Tile app is nearby, and since Tile users are relatively rare the tracking is only reliable in very busy places.
Apple and now Google trackers on the other hand build this functionality into the OS (or Google's near-OS bundle for Android), so if basically any phone comes within range of the tracker it will provide a location update.
> How does the tracking network size affect functionality?
Ability to actually find lost items. AirTags are so successful (in the US) because of the ubiquity of iPhones which are, effectively, constantly reporting on the location of detected devices. A smaller network of listening/reporting devices will not be as effective unless it happens to be very popular right in the area the device was lost.
The devices don't have any GPS. Instead, they have a unique ID that phones see, and report their location to Apple/Google/Tile. If the network is bigger/denser, then your device is more likely to be detected, and detected more often.
Tile is essentially useless, especially compared to airtags, annoyingly.
I had a tile, however I finally got rid of it when I was unable to locate my keys in my house. It sent me on a wild goose chase saying that it had been last seen near my bins.
I was in the same room as them for the first 15 minutes of it beaconing.
Airtags seem to actually work reliably, and because you don't need the app running, have a good network to find them outside of my house.
This is great and it came up at dinner last night which is kind of weird.
Had the odd experience of going to a retreat where everyone sat listening to speakers, and then all went to lunch, and then back to the speakers, then all to dinner, then back to the speakers. And my iPhone popped up an alert that there was an airtag following me. (It wasn't of course it was an airtag in another attendee's bag to track their bag which they had with them, near me kind of randomly, but being driven by the same forces of movement :-)).
My understanding is you should only get the notification if the tag isn't with its owner. That's how it plays out in my personal experience. Back when AirTags were completely broken and didn't support family sharing, I'd get notified if I had my wife's car keys with me only when she wasn't with me, i.e. because I grabbed hers to run a quick errand.
This notification would be utterly useless if that were no longer the case: you'd spend half your time on a flight or bus ride closing the unwanted and unhelpful popups.
I use AirPods Pro but an Android phone. My girlfriend and friends we hung out with would complain about these, so I eventually found a way to turn off "Find my device" on the AirPods by connecting them to my iPad. I now can't track them but also people aren't mad at me for "tracking" them.
Interesting. I've had Apple users recommend AirPods to me before, but I don't own any Apple devices so I already had a feeling it wouldn't work out. Would be insane if they would constantly be generating alerts on others' iPhones.
I think if you use them out of the box, they won't generate the alerts. If I understand Apple's data model correctly, once I paired them to my iPad for the first time, they were enrolled to my iCloud account, and then the tracking system was enabled.
I took Amtrak from Chicago to DC recently and my phone was constantly trying to tell me I was being followed/tracked cause someone else in the sleeper car had an airtag.
How can I get my Android to stop notifying me about a specific AirTag? I searched quite a bit and couldn't figure it out.
I get these unwanted alerts every time my wife and I travel with luggage that she's placed AirTags into. I guess my phone thinks the owner isn't present because she doesn't have an iPhone. We both have Android phones, and she also has an iPad which she used to configure the AirTags but it's normally turned off.
Edit: I think I misread that. When you see an AirTag popup, you can choose to ignore it for the day or forever. That's from my recollection. I haven't seen one in ages.
3.13. Disablement
The accessory SHALL have a way to be disabled such that its future
locations cannot be seen by its owner. Disablement SHALL be done via
some physical action (e.g., button press, gesture, removal of
battery, etc.).
Ledvina, et al. Expires 22 June 2024 [Page 26]
Internet-Draft Detecting Unwanted Location Trackers December 2023
3.13.1. Disablement instructions
The accessory manufacturer SHALL provide both a text description of
how to disable the accessory as well as a visual depiction (e.g.
image, diagram, animation, etc.) that MUST be available when the
platform is online and OPTIONALLY when offline. Disablement
procedure or instructions CAN change with accessory firmware updates.
These are provided as part of the onboarding process (Section 7).
Yes. Physical access would likely be needed for most of these devices and would be sufficient for satisfying the RFC, based on the examples in section 3.13.
So you might get a notification of a device "following" you because I have a tracker in my bag but no phone (or my phone is off, perhaps; or maybe it's just malfunctioning and mis-reporting as happens sometimes). You play the sound and find out it's in the bag underneath your seat on the bus, but that's my bag. You could attempt to rifle through it and take my tracker and disable it, but I'd probably stop you.
It does. Their instructions for disabling AirTags show you how to remove their battery. That's a good thing: you shouldn't be able to remotely disable someone else's tracker.
I get notifications about my daughter’s AirPods following me, when she is with me. My daughter is part of my Apple Family plan, and the AirPods show up in my Find My devices. I thought this article was about handling those notifications, at first.
> you should only get the notification if the tag isn't with its owner
My airtag occasionally thinks it's not with me and apple watch wakes me up in the middle of the night even though my bag is in the next room of this tiny flat.
Yeah, I'm still trying to make sense of this, at all. Lots of technobabble flying around and no big picture talk. Why the fuck would Google and Apple work together on this AND trash their tech at the same time. Feels like they are trying to stave off regulation.
Someone will find a way around this. It's too fun of a hack to go unanswered for more than a week. Now only the criminals will have this physical tracking ability (well, them and Apple+Google).
My wife fitted her luggage with AirTags but doesn't have an iPhone (just an iPad, normally turned off). The alerts I get are maddening, but I'd rather receive them than disable all alerting...
You know what would be even better? That they agree on a common standard for interoperability between both systems. They both work in a similar way and do the same thing, this would be great to have a standard.
“Apple and Google have worked together to create an industry specification”
…
“Apple and Google will continue to work with the Internet Engineering Task Force via the Detecting Unwanted Location Trackers working group to develop the official standard for this technology.”
That’s what is happening here. I’m not sure why people are always quick to assume negatives without doing even the most cursory reading of linked articles.
I should have made my point clear, but I'm referring to the tracking compatibility feature, that an airtag would be compatible for geolocation with the Android ecosystem and vice-versa toward building a global single tracking network instead of having 2 coexisting networks.
I think the problem they're referring to is that we're being dragged through this brouhaha to stop an unintended side-effect from a proprietary network. In an ideal world Android users can detect unwanted Airtags because the protocol is documented and open. In the world we live in, Google has to go out of their way to solve problems Apple is inventing for them.
The only possible interpretation of this is that Apple knows their current system wouldn't survive antitrust inquiries. So they're making a pathetically marginal concession ("well we did let you track the hostile users!") to cement the rationale of a pointlessly insular system. Once again, Apple is refusing to fully solve a fixable problem in order to artificially create a market in which to sell their solution.
"Apple and Google will continue to work with the Internet Engineering Task Force via the Detecting Unwanted Location Trackers working group to develop the official standard for this technology."
IOW:
"BigCorpA and BigCorpG will continue to work with Why Must This Task Force No Longer Focus On Progressing The Common Good And Instead Now Need To Focus On Helping Try To Mitigate The Mess That Big Corps Are Causing via the Trying To Unfuck BigCorpA's Massive Privacy Oversight working group to develop an official standard which only BigCorpA and BigCorpG will have the resources to implement."
This is such a charade. Making "invisible" airtags is trivial [1], and I wouldn't be surprised if such airtags are being manufactured en masse.
We allowed the creation of a global tracking network under the false pretense of privacy. The entire Find My security model falls apart when considering "malicious" tags, and Apple knew about this from the start.
In the security world, it seems accepted that no security effort is a silver bullet that's 100% impossible to get around.
Rather, it seems best practice to compose many layers of security efforts, which all work to raise the level of effort an attacker is required to exploit people.
Will this work with malicious tags as well? I.e. tags that are designed to not communicate with a given phone but with other devices nearby? Can that be detected? My understanding is that regular tags will communicate with all phones, but maybe there’s a way to differentiate who to respond to or change identity for every ping? Not familiar with the exact protocol but basically many different tags near a phone wouldn’t trigger the warning, so if a tag can produce multiple identifiers that the adversary controls it could still evade detection?
As far as I am aware, there is no way to stop malicious tags without modifying the protocol to authenticate the messages being broadcast as originating from a genuine tag. [1]
Making a tag that is not trackable is currently as easy as flipping a bit in the BLE advertisement. The same message is broadcast to all phones, but yes, a tag could also produce multiple identifiers and evade detection. [2]
[1]: Section 8 of "Abuse-Resistant Location Tracking: Balancing Privacy and Safety in the Offline Finding Ecosystem". https://eprint.iacr.org/2023/1332.pdf
Seems like in theory you could do that, though there are definitely heuristics you could apply to detect those tags, depending on how stealthy they are being.
Also on the server side Apple could just limit you to a reasonable number of tags.
So if people are sticking these on valuable items, is the use case now for thieves to break into a house, wander around and be alerted when said valuable items (which are hidden or otherwise not obviously evident) are close by?
I would hope the threshold that has to be crossed for the alert functionality to trigger is more than a few minutes of proximity. Both items would have to move together to weed out false positives, otherwise you’d set everything off at an airport terminal…
As someone that duct-tapes hidden AirTags in my luggage (replacing former use of Tile, but AirTags have a bigger network and I use an iPhone) this is not good news for me. I have close to a 0% concern about stalkers, and I have a significant concern about thievery while traveling. I have an AirTag in my luggage, on my keychain, in my wallet, and in various other places /specifically/ to ensure that while traveling I can recover my belongings and deter thievery. This just ruined all of that.
Well, anti-stalking notifications for AirTags have existed on iPhones (and Androids with an app) since the beginning. This only adds built-in support to Androids as well. So, sorry to break it to you, but your system has always been set up to notify any thieves with an iPhone (or a free app installed). Anti-theft is an anti-goal for the AirTag, and, in my opinion, that is the correct choice, because vigilantism is really not a good idea. What would you do with the location of your stolen item? Report it to the police, they won't do anything, and you shouldn't go to that location, the risk isn't worth it.
Vigilantism is a straw man, though. No one said anything about going to that location. And police being useless isn't necessarily a global phenomenon.
Just knowing that you might be tracked when stealing would have been a massive deterrent. Now you know you can just hang out with the stuff you've stolen half an hour to see if it's tagged, and then take it home without repercussions.
AirTags explicitly claim they aren't for anti-theft. I use them to track my luggage so they don't get sent to the wrong airport, not to deter thievery.
All the same I wonder how this will fare on airlines where many people are doing exactly your setup for their carry-ons.
If I'm not mistaken, you have to be actually traveling (i.e. beyond the house) with an unknown airtag for it to start alerting you. If your neighbors are not traveling with you places, it's probably not what's going on.
I’ve been notified of an “unknown AirTag” while I was home. When I checked the locations it was seen with me, it was a random zigzag within a block or two of my home.
I’m pretty sure what happened is that the AirTag belonged to one of my neighbours, there were some GPS distortions happening that made my phone think it was moving slightly, it kept hearing the AirTag’s signal, and it assumed I was being stalked while wandering near home. This person might have the same thing happening to them.
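The co-movement idea raised in the comments above (a tag should have to travel with you, not merely sit near you while your position fix jitters), sketched as an added example. It is not part of any comment and is not Apple's or Google's algorithm; the `Sighting` record, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt


@dataclass(frozen=True)
class Sighting:
    tracker_id: str    # identifier heard in the advertisement (constructed values)
    t: float           # seconds since the phone started observing
    lat: float         # the phone's own position fix when the tag was heard
    lon: float
    accuracy_m: float  # reported horizontal accuracy of that fix


# Assumed thresholds, chosen only to make the example concrete.
MIN_DURATION_S = 30 * 60     # tag must be heard over at least this long
MIN_DISPLACEMENT_M = 500.0   # distance between waypoints, beyond fix error
MIN_WAYPOINTS = 3            # distinct places the tag was heard at


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres."""
    dlat, dlon = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * 6371000.0 * asin(sqrt(a))


def waypoints(obs, min_sep=MIN_DISPLACEMENT_M):
    """Keep a fix only if it is clearly away from the last kept one.

    Both fixes' accuracy radii are subtracted, so GPS jitter around a
    stationary phone never produces a second waypoint.
    """
    kept = []
    for s in sorted(obs, key=lambda s: s.t):
        if not kept:
            kept.append(s)
            continue
        last = kept[-1]
        d = haversine_m(last.lat, last.lon, s.lat, s.lon)
        if d - (last.accuracy_m + s.accuracy_m) >= min_sep:
            kept.append(s)
    return kept


def flag_co_travelling(sightings):
    """Return sorted ids of tags heard long enough AND at enough distinct places."""
    by_id = defaultdict(list)
    for s in sightings:
        by_id[s.tracker_id].append(s)
    flagged = []
    for tid, obs in by_id.items():
        times = [s.t for s in obs]
        long_enough = max(times) - min(times) >= MIN_DURATION_S
        if long_enough and len(waypoints(obs)) >= MIN_WAYPOINTS:
            flagged.append(tid)
    return sorted(flagged)


def constructed_sightings():
    """Constructed sample data: three tags heard by one phone."""
    out = []
    # Neighbour's keys: heard for hours at home, fixes zigzag within a block.
    jitter = [(0.001, 0.001), (-0.001, -0.001), (0.001, -0.001), (-0.001, 0.001), (0, 0)]
    for i, (dlat, dlon) in enumerate(jitter):
        out.append(Sighting("neighbour-keys", i * 3600, 52.0 + dlat, 13.0 + dlon, 30))
    # Tag carried along: heard every 15 min, about 1.1 km further each time.
    for i in range(4):
        out.append(Sighting("tag-in-bag", i * 900, 52.0 + i * 0.01, 13.0, 10))
    # Fellow bus passenger: moves with the phone, but only for 10 minutes.
    for i in range(3):
        out.append(Sighting("bus-passenger", i * 300, 52.0 + i * 0.01, 13.0, 10))
    return out


if __name__ == "__main__":
    print(flag_co_travelling(constructed_sightings()))
```

Only the tag that stays with the phone across several well-separated places for long enough is flagged; the stationary neighbour tag and the short shared bus ride are not.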
As soon as the new neighbor moved in I got airtag notifications for days until I silenced them. I can see the prompts being scary/confusing for a lot of people. It basically says "unknown airpod is following you around!!!!" almost making you think you have a stalker that put one on your car, when really it's the neighbor getting home from work and tossing their keys on the counter near your wall.
Seems pretty easy to do on popular urban trails to be honest. Some of the trails in my town have a group of people every like 30 feet and it's pretty easy to end up keeping pace with them the entire hike unless you walk faster and pass them up.
I have two airtags on me at all times. So my wife can find my wallet or my keys. I have an android. The iPhone network is larger so Apple seems more useful. And I can do nothing about these alerts.
I'd like to repost this as a top-level comment because a lot of people are complaining about the same thing:
It's a common misconception that Airtags and similar products are designed to help you locate stolen items.
They're not. "Tracker on stolen device" and "Tracker planted for the purposes of stalking" are indistinguishable situations.
They're to help you find things that you lost. They're amazing for that. They're sometimes helpful for finding stolen things too, but that is a side-effect.
I first read this as unwanted alert tracking. Like, I’d love to have my phone intelligently track and block unwanted alerts, from the apps and OS makers that spam me.
I think the issue is that disabling notifications entirely from an application is undesirable; applications (Uber, Starbucks, Walgreens) will send you advertising notifications, but if you disable all notifications for the app because it's spamming you, you don't get notified when your car arrives, your drink is ready for pickup, or that your prescription has been filled.
It would be nice to be able to simply switch to a non-spammy vendor in that case, but that's not how the market works in the US.
I still need some functional alerts, but not the upsells.
And when I opt out of notifications, some apps (ahem, Substack) then regularly pop up a modal asking me to turn notifications on. I know what I said the first time, and the 10th, MFer.
Apple/Google will alert a computer if a potential Apple/Google competitor is tracking them. Makes one wonder who this is meant to benefit. The computer user or the company.
Hence the term "unwanted" location tracking.
The assumption made by Apple is that the computer user _wants_ Apple to track their location; the assumption by Google is that the computer user _wants_ Google to track their location.
There will be no alert that Apple or Google are receiving location data. Why alert the computer user about something that they "want".
It's the same ruse with Google or Apple providing ad blocking. The ad blocking feature will only interfere with ads that are not serviced through Apple or Google. Ads provided by Apple or Google shall remain unaffected.
These companies are engaged in online ad services. Why would they protect the computer user from online ads and data collection that makes online ads more targeted. There will be tracking and there will be ads, along with an ongoing assumption that the computer _wants_ tracking and ads but only if provided by Apple or Google.
This is only possible because the unique identifier that an AirTag transmits only rolls over once per day.
This means with a network of trackers, it is possible to track the location of a single airtag over the course of a 24 hour period even if you aren’t the owner.
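Why the rotation period matters for alerting, as an added sketch that is not part of the thread and is not Apple's or Google's algorithm: a phone can only tell that a tracker is travelling with it if the advertised identifier stays the same long enough to be correlated across places. The thresholds, identifiers and coordinates below are constructed assumptions; the minimum-travel check also shows one way a stationary neighbour's tag plus GPS jitter can be told apart from a tag that moves with you.

```python
from collections import defaultdict
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt


@dataclass(frozen=True)
class Sighting:
    ident: str   # identifier heard in the BLE advertisement (constructed values)
    t: int       # seconds since scanning started
    lat: float   # the phone's own position when the advertisement was heard
    lon: float


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two lat/lon points."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    a = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371000 * asin(sqrt(a))


def flag_followers(sightings, min_span_s=1800, min_travel_m=500):
    """Return identifiers heard for at least min_span_s while the phone
    moved at least min_travel_m from where the identifier was first heard.
    Both thresholds are assumptions chosen for this example."""
    by_ident = defaultdict(list)
    for s in sightings:
        by_ident[s.ident].append(s)

    flagged = set()
    for ident, seen in by_ident.items():
        seen.sort(key=lambda s: s.t)
        first = seen[0]
        span = seen[-1].t - first.t
        travel = max(haversine_m(first.lat, first.lon, s.lat, s.lon) for s in seen)
        if span >= min_span_s and travel >= min_travel_m:
            flagged.add(ident)
    return flagged


def build_sample():
    """Constructed sightings: a neighbour's tag heard at home with GPS jitter,
    plus a 40-minute trip with one stable identifier and one that rotates
    every 15 minutes (a hypothetical rotation period for comparison)."""
    home_lat, home_lon = 40.0, -75.0
    out = []

    # Three hours at home; reported position wanders by a few tens of metres.
    jitter = [(0.0, 0.0), (0.0002, 0.0), (0.0, 0.0003), (-0.0002, -0.0002)]
    for i in range(36):
        dlat, dlon = jitter[i % 4]
        out.append(Sighting("neighbour", i * 300, home_lat + dlat, home_lon + dlon))

    # Trip north, one sample every 5 minutes, roughly 330 m per step.
    for i in range(9):
        t = 20000 + i * 300
        lat = home_lat + i * 0.003
        out.append(Sighting("stable-tag", t, lat, home_lon))
        out.append(Sighting(f"rotating-{(i * 300) // 900}", t, lat, home_lon))
    return out


if __name__ == "__main__":
    print(sorted(flag_followers(build_sample())))
```

With these inputs only the stable identifier is flagged: the neighbour's tag never travels far enough, and each rotated identifier is heard too briefly to correlate.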
"Specification-compatible" is doing a LOT of heavy lifting here. Sure, there are plenty of well-behaved companies making standards-compliant beacons, but there's nothing preventing proprietary approaches. Even with RPA it should be possible to implement "unwanted tracking" alerts for BT devices showing any given profile in their advertising data.
What truly bothers me as a user of both an iPhone, an airtag, and a Samsung, is the seemingly nonexistent option to "ignore this AirTag forever". I usually leave my iPhone at home, carrying my AirTag in my wallet. Yet, every day, I receive a notification about an AirTag tracking me. I wish there was a way to permanently disable this alert.
Mostly because GTA is a larger crime worth prosecuting, and there are like 4500 car thefts in NYC a year apparently.
For bread and butter theft, a bike theft in this case, an owner tried to get the Orange County sheriff involved. They managed to come to where the ping was hitting, knocked on the door, couldn't do anything, had to leave. The bike owner went vigilante in this case and took the bike back, forcing the Orange County sheriff dept to release this statement:
"As much as the convenience of technology plays a vital role in the quality of our lives, we want to remind our communities to utilize their local law enforcement services when they've been victimized by a crime instead of placing themselves into harm's way."
"GPS tracking devices, like an "AirTag", are used for tracking property like bicycles, backpacks, etc. Putting such devices onto property items will help you locate those items if missing or stolen; however, pursuing its recovery in a vigilante manner because the GPS device depicts its location could place you into a physically dangerous predicament."
For a point of reference on the policing culture in Orange County, they are currently running an ad campaign where they have "Crime doesn't pay in Orange County, you steal we prosecute" plastered on LA city and county busses. It's a little bit more active than other areas to say the least.
Will this affect battery life? I can see how Apple's proprietary AirTags don't affect battery (of smartphones around them) much, but if they're trying to detect other companies' trackers it seems less likely that the battery impact is quite so minimal.
A German Uni's (Darmstadt) IT mob developed an app called AirGuard that has been doing tracking device monitoring for some years now. I have it running right now.
Why on earth re-invent the wheel? A bunch of clever folk have been doing this for years.
I can't find an Apple version so I might suppose that either Apple's nose is out of joint with regards the name, or an Apple version was never released 8)
In the end this is a very decent resource and it should have been covered off by phone floggers, years ago. It's rubbish that G and A are presenting this as something new that they have come up with.
I want a feature to save a tracker as unharmful. Friends of mine carry AirTags on their keys, and if I go for a walk with them, I get the tracker alert every time.
People always worry about malicious tracking and conveniently forget that you could buy GPS+cellular trackers years and years ago. They are 100% undetectable and very precise.
AirTags always need an iDevice to be close by to update their location.
If we assume it's hidden so well it can't be found visually and doesn't transmit data constantly (deep sleep for X minutes, get GPS fix, send location, GOTO 10) - how could it be found?
If it’s hidden in a metal frame then it’s not going to get a good GNSS fix. And if you’re doing a deep sleep you’re powering down your GNSS module so not getting a proper warm fix.
I wish I could figure out how to configure my own trackers to stop beeping at me. I previously had an iPhone, but switched to an Android, and now my Airtags all think they're someone else's – even though they come home to the same place as my iPad and Mac every night. I can't figure out how to tell Apple they're actually mine, so they just keep randomly chiming in my backpack every few days... and my Android phone keeps warning me :(
Kind of, in that traditional tracking devices aren't subject to this, but it's more expensive; you can't both leverage Apple or Google's network of devices as BT location receivers to track the target and “not implement this”, since this isn't something implemented by the tracking device but by the receiver networks.
So, why even bother with an Airtag then? I mean, they're useful in luggage and things that are easily stolen, so this just destroys any usefulness in that capacity. I bet you see a huge drop in Airtags being purchased.
We decided to opt out of the Google and Apple finding networks and the new proposed standards because it completely ruins the ability to use Bluetooth devices to deter theft. If you put an AirTag on say your bike, and thief steals it, they will get a notification and immediately just find and disable it.
We actually built a (controversial) feature that lets you opt out of anti-stalking features if you scan a government ID. As of today, we have zero known instances of abuse—the friction of scanning an ID is enough to make a bad guy think twice, and a committed stalker can just go get an LTE-enabled stealth GPS device on Amazon. It is crazy that the press and regulators focus on Bluetooth devices when actual stalking devices are readily available.
Some people are commenting on how small our network is. People don't realize that Life360 is on 1 in 8 phones in the US. We are huge outside of tech bubbles. If you are at an airport, mall, or anywhere with any meaningful density of people, our network is on par with the big guys. There is a J curve to the benefits of increasing density, and outside of rural areas we essentially have complete coverage.
Beyond this, we just announced a new satellite-to-Bluetooth network this morning, and we plan to open it up to developers in 2025. It won't matter where you lose your stuff, we will be able to find it. And thieves won't.
> because it completely ruins the ability to use Bluetooth devices to deter theft
I'd rather have the assurance that at-risk groups like women, marginalized people, and notable people are not at risk of having a cheap and easy to use location tracker attached to them. As others have pointed out, these trackers are not meant for, and are ill-suited to use as anti-theft devices. We've had Lojack like devices for years and they'll still work all the same regardless of the reporting standard.
> People don't realize that Life360 is on 1 in 8 phones in the US.
So that's 12% of devices. Another way to look at it is you have a 1 in 8 chance that the device will work and notify you when a potential reporting device approaches it.
> CEO of Tile / Life360 here.
As an Android user who is only now getting to use Bluetooth beacon tech like our iPhone friends have had with airtags for quite some time, I'm in the market for these devices. Your statement here makes me think I should look for devices other than Tile, even if they did participate in the standard.
> As of today, we have zero known instances of abuse
Emphasis on known. The whole point of stalking is to hide the device and not get caught. How would a typical victim even discover it? Or even if they figured out they were stalked, that it was with a Tile device and thus report it?
ID scanning is easy to defeat. This is just ripe for abuse and it's good that Apple/Google took measures to block stalking, even at the expense of anti theft use cases.
And if it was a tile device, that it had the "help me stalk people" feature turned on. And if it did have that feature turned on, that they should report it to tile. Generally I would expect a significant fraction of people in this sort of situation aren't reporting it to anyone.
Considering the multiple examples listed in the lawsuit [1] that the CEO is aware of, there are certainly stalking instances that they know about. Just none that they know of since 2022 (when they introduced the anti stalking features) with the anti stalking features disabled.
I won't repeat what I have said in other comments but scroll down for more specific thoughts on the points you make.
At a meta-level, we don't think the bad behavior of a very very small number of abusive users should degrade the product for tens of millions of good actors. Theft is unfortunately extremely prevalent and a key reason why customers buy trackers - we think the greater good is to responsibly support this use case.
We have put safeguards in place that make it tough to use our products to stalk, and while nothing is perfect, the only complaints of stalking we have received are from people who were allegedly stalked by Tiles that did NOT have the anti-theft feature turned on. By adding this ID scanning friction, which includes a liveness check, we have empirical data that the bad actors go elsewhere.
Humans are lazy. The average person who steals a bike is not going to pull out a Bluetooth sniffer. And if they did, they would probably find dozens of nearby devices (try it yourself - I just did and have 53 Bluetooth devices near me).
Thieves will, however, reply to an alert that says there is a tracker following you and hit the "disable" button. Friction is key. Google and Apple are making it extremely easy for thieves. We are pushing back on this.
I was able to track down my stolen vehicle with the help of Tile and now put them hidden in all my vehicles since they don't alert like an Air Tag does.
This has reaffirmed my decision to use Tile. It seems it's now the most effective option for tracking my property among similar bluetooth tags. Stalking is awful but as you say there are many more effective tools for that, tools which will still be available to people who want to use them no matter what Tile does. If an effective product gets crippled - for a good cause, sure - but crippling it doesn't actually advance that cause, why do it?
We use a third party and they do a liveness scan with a live camera feed so it is not nearly that simple.
I'm sure we can come up with edge cases or potential ways people could cheat the system, but we are adding so much risk and friction to stalkers that they would likely just buy a real stealth GPS tracker with an LTE connection.
As a genuine question, why is there no outrage for these devices that are literally marketed as stealth trackers?
Yes, and we will fight it and win. This was also before we launched our anti-theft feature by the way.
If you want to see the insanity of going after Bluetooth devices, just search "stealth GPS device" on Google and see what comes up. eBay is targeting me with an ad that says "Hidden GPS Tracking Device for sale". There are legit LTE enabled stalkers right there in plain sight.
> Some people are commenting on how small our network is.
I'm currently in a city, and when I open the map it gives me a circle telling me that there are 1,807 people using tile in that circle. This city population is a bit shy of 1 million, and while the circle doesn't cover it all it does cover the densest parts, so if we conservatively say 400,000 people in that circle then that means that the percentage of people with the app is about 0.45%. Now I don't know if the Life360 users are included in that count, that said I also have never heard of anyone who uses it here.
As an aside, I do wish the app were able to update more often. I have a tile tracker on my bike (and obviously the app on my phone), and I can leave a place, bike ten minutes to home, lock up the bike, go inside, and the app will often still tell me that my bike is where it was before I rode it home. I guess there's a battery tradeoff there though.
Hey; Tile user here. I can’t figure out your iPhone app any more.
It switches between modes at random (map, we’ll notify you, and the signal meter) when the signal is weak, and it says we have to replace batteries constantly. (Even though we just replaced them — is the tile shorted out internally, or do we have to reset a timer somewhere, or what?). Also, it spams upsell attempts while doing this. You may as well be displaying ads for competitors at this high-stress point in the UI flow!
Other than the above stuff, which feel kind of like bugs, I’ve noticed it’s hard to figure out which building (in a 1 acre space) our keys were last seen in. We own all the phones and tiles around here, so giving better precision probably wouldn’t be a privacy issue.
I’d rather go with a smaller, cross platform provider, but we’re seriously considering switching to AirTag.
Thanks for standing up for functionality vs. questionable privacy protection.
Weird- can you email me? chris@life360.com and I will forward this to get looked into. The map thing seems like a bug. I'd also like to learn more about your concerns on over upsells.
Personally I feel like the anti-theft nature of these devices is massively outweighed by the horrible outcomes of stalking and clandestine tracking. They're not a theft deterrent, in fact they're generally hidden so a thief has no idea it's there. And what are you going to do, show up with a posse to get your stuff back?
The world would be better if tracking devices did not exist. It's a shame you've decided to actively reject anti-stalking features.
I am very open to being wrong and changing course, but let's have a data-driven decision.
When we launched our anti-theft feature, we were clear that if we found there was widespread abuse, we would change course. We have had literally zero complaints of anyone being stalked with a device where anti-theft was enabled.
And I think you are misunderstanding the new standards. Google and Apple will proactively notify thieves of nearby trackers, and allow a thief to disable it. This is next level bad for anyone relying on their tracking device to protect against theft.
What is the data that would change your mind? I would change my mind if we found that more than .1% of our customers were abusing this feature.
How is it an anti-theft device if the thief doesn’t know it’s there?
I could see this being used in the aggregate to ascertain drop off points or chop shops, but at an individual level it doesn’t stop your stuff from being stolen. Even the aggregate case requires buy in from law enforcement to actually act on the information which is not a small thing.
Sure, I agree with that. We did user testing and people understood the concept. It is anti-theft in the sense you have a real chance of getting your stuff back, unlike with AirTags and now Google network devices where thieves will just disable the tracker.
As a personal bias, I believe companies like yours are pathologically unable to do the right thing. Take my reply with that in mind.
I carefully examined life360.com, trying to put myself in the shoes of somebody who was stalked, magically divined that life360 was involved, and wanted to report the issue. The extent of my options on life360.com are:
1. Do Not Sell or Share My Personal Information
And that's it. There does not exist a "contact us" or other general mechanism, and there certainly does not exist an abuse reporting mechanism. If that happens to exist behind other filters or paywalls then it's not relevant when discussing how the average customer would interact with your website.
With that in mind, I would expect an exactly 0% abuse rate regardless of how abusive your product actually is. You confirm that number. I'm not surprised.
The ball is in your court. How do you prove to the world that you _actually_ care about abuse? How _should_ a real abusee interact with your website? Why isn't it obvious? What are the exact numbers? And so on...
That link specifically dissuades anyone who is a victim from contacting your company. It directs them to contact police or a lawyer, and you provide no ability in that link to contact your company.
I take that to mean there were zero law enforcement reports. Going to law enforcement is always your port of call when dealing with any sort of criminal activity happening as it relates to a tech company. Even Apple says this as it relates to AirTags.
Think about it for a second. If anyone could contact a tech company to get people's information based on a serial number, this would be abused by people who could steal your phone, airpods, or bag containing an airtag, claim to be stalked, contact the manufacturer directly, and get your home address from the manufacturer by giving them the serial number.
"If you feel your safety is at risk, you can contact your local law enforcement, who can work with Apple. You might need to provide the AirTag or its serial number."
> We have had literally zero complaints of anyone being stalked with a device where anti-theft was enabled.
First, it's highly likely that someone being stalked wouldn't realize a tile device was the cause. Secondly, you said Tile and Life360 are on only 12% of devices. So maybe 1 out of 10 stalkers will be successful in using your device to stalk. That's not enough data to state so conclusively that this doesn't happen. I'm sure if Tile was more popular (and thus more functional) and more stalkers knew they were the best devices for stalking, they would use them.
Theft is more common. Each instance of stalking does more damage. I haven't the faintest clue how I should weigh the cost against the benefit here, but I certainly don't like how the CEO here is blatantly attempting to downplay the stalking-enabling-externality their theft prevention device has.
Maybe in the US, I know several cases where stolen bikes were returned and thieves charged in central Europe. I've never lost anything, but had a bike stolen and I'm in fear of having another one stolen. GPS trackers are not a real option for me (monthly fee, high battery consumption, not having an e-bike which would make it easier). These trackers are a great idea and I do get why stalking is an issue. But I'm with the Tile CEO when it comes to other or even better options for stalking. GPS trackers are way more accurate and I assume that swapping them or recharging them is less of a concern in that case.
It's a shame that stalking is a concern. It's a shame that this had to be implemented and effectively breaks the device's use case for most people. But I'm not even mad at Apple or Google, because I also think that it is their responsibility to protect people from being stalked.
Tile is also not an option for me, in Europe pretty much no one uses it. I will still try my luck with Apple and Google/Pebblebee Tags. Does anyone have experience how long it takes until you get notified about a tracker moving with you?
> They're not a theft deterrent, in fact they're generally hidden so a thief has no idea it's there.
A potential car thief doesn't know if your car has an alarm on it either, but he just assumes that it does because most do. With wide enough adoption of these devices, it could work out the same.
I do agree there is a role for an anti-theft device specifically where there is vastly higher requirements from the user (government identification, liveness checks, etc).
I presumed such a device would require a low-power cellular service. Glad to see you're making it work using Bluetooth.
That said these higher requirements should not apply if the device has these anti-stalking notifications.
Judging from the pettiness of the negative comments against Tile, I have to assume it’s the single greatest product on the market! Also, it appears your comment is being suppressed, because the age and number of replies should put it higher, but it’s now buried hours later.
> If you put an AirTag on say your bike, and thief steals it, they will get a notification and immediately just find and disable it.
And if a stalker puts it there, me finding it is a feature.
> scan a government ID
Considering how badly companies keep my private data private, be it email addresses or even direct passwords, scanning a government ID for a $10 tag seems really bad from a privacy perspective. Once you get hacked too (like many other, larger companies have been), the hackers will have all the people's ID scans too to use with another company implementing such features.
Edit: Hey man I'm not engaging you on this, you chose to opt-out of this safety feature and you've enabled stalkers that target at risk groups like me. Nope.
Yes, we were sued, but we will fight it and win. I think most people on Hacker News know to approach lawsuits with skepticism.
And I feel like many people being critical of us are arguing with emotions and not data. You have to scan a government ID and agree to severe penalties for misusing our product. We have had zero instances of reported stalking from anyone who has enabled the anti-theft feature.
Can you articulate with data why what we are doing is problematic?
I briefly installed Life360 when some members of a group trip tried to sell the rest of us on it as a sort of emergency personal location beacon, like the colonists had in Aliens. It's one of the most domestic-abuser-friendly apps I've ever seen.
Most of the people your products are being misused to stalk can't even turn off their location sharing because the person who's insisted they install the app/hardware will assume that doing so means they're off spending time with someone else, or whatever their personal paranoid fantasy is. Why would someone being subjected to that contact you? It would just enrage whoever is monitoring their movements when their account was suspended, or whatever your process is.
The people misusing your products in that way don't think they're doing anything wrong, so they're not going to hesitate to have you verify their ID.
> Most of the people your products are being misused to stalk can't even turn off their location sharing because the person who's insisted they install the app/hardware will assume that doing so means they're off spending time with someone else, or whatever their personal paranoid fantasy is.
Other than location history, is there a big difference between Life360 and builtin iPhone location sharing? To me, that's not enough to put the product in a different category.
Since you’re in an at-risk group, I strongly suggest you look into the sorts of devices the CEO mentioned, especially if you own a car (or any portable thing that could hold a pound of batteries, like a bike or a scooter).
Though some things in that space are marketed to stalkers, there are legitimate use cases for such technologies, and therefore the only LTE tracking devices I’ve seen in person were sold at reputable stores.
So if someone steals my luggage they can drive around with it until it alerts them and they turn my luggage tracker off?
I am not complaining.
What it amounts to, is that the digital world enables so much information gathering and using flexibility, we need fine grain permissions and controls for our devices and services, so they "do the right thing" for all kinds of corner cases.
But we don't have an information infrastructure for that, so the best we can do is balance concerns.
> So if someone steals my luggage they can drive around with it until it alerts them and they turn my luggage tracker off?
It's a common misconception that Airtags and similar products are designed to help you locate stolen items.
They're not. "Tracker on stolen device" and "Tracker planted for the purposes of stalking" are indistinguishable situations.
They're to help you find things that you lost. They're amazing for that. They're sometimes helpful for finding stolen things too, but that is a side-effect.
It's because people come up with all kinds of cargo cult things they think will increase their phone battery but don't actually matter or make it worse. Going into the app switcher and hand killing all apps is the other one.
They don’t “disallow” turning off Bluetooth easily. You can trivially do it via the settings app. The control panel pull down does it temporarily because that’s what most people want. 99.9% of people are turning off wifi because the wifi connection they currently have is acting up. So turning it back on tomorrow so the user doesn’t forget and ends up chewing through mobile data is the obvious best UX.
Nah, this is clearly a deliberate dark pattern from Apple. They could easily add a long-press option on the Bluetooth icon to fully disable it. But they don’t.
My solution is a Shortcut to disable Bluetooth, triggered by a widget on my Home Screen. It’s annoying that I need to allocate space for that, but at least I can (actually) toggle Bluetooth without opening Settings.
Except that every single iOS update, including today's iOS 17.5, silently re-enables Bluetooth even after you specifically disable it in the Settings app.
FB9992639 "Thank you for filing this feedback report. We reviewed your report and determined the behavior you experienced is currently functioning as intended."
Sigh. I get it there's been a few abuses of the technology... but it was literally already ripe for abuse anyway.
Whether Apple intended this or not: The real world primary use case for AirTags is still tracking stolen crap. I would _not_ want to alert thieves to the presence of an attached tracker in that case. I guess tracking your lost luggage is likely a #2, but if you were to survey what people were actually using them for, I'm betting it'd be #1 above.
The only way I can think of solving this is allowing a silent mode on the tracker that requires both a private key from the user (to avoid getting NSL'd) and a private key from law enforcement (Apple / Google already have law enforcement portals) and finally one-way hashing the keys and publishing the results to a public irrevocable block ledger. One could see if your key was on the list to see if your Airtag was silenced, but you couldn't pick out specific tags that were silenced. The law enforcement agency's keys would also be hashed and published, allowing us some transparency on who is requesting the most tag silences, so we could monitor the monitors. If this were bundled up in a blockchain, and the tags were programmed only to act on a blockchain, we could avoid abuse and gain a useful feature.
> Whether Apple intended this or not: The real world primary use case for AirTags is still tracking stolen crap.
You're conflating your primary use case with the world's. 95% of the AirTags I'm aware of in the wild in both my family and friends are used for finding misplaced items - not stolen ones.